The U.S. Office of the Inspector General (OIG) recently completed an audit of the FBI’s inventory management processes. During that review, inspectors identified several severe weaknesses in inventory management and disposal procedures for storage media containing sensitive and classified information.
The OIG, a separate part of the Department of Justice from the FBI, published a report outlining the audit findings. That report outlines multiple problems with how the FBI addresses tracking its inventory of storage devices and its security when destroying those devices.
The inspectors further noted that the FBI is inconsistent in accounting for electronic storage material like hard drives, floppy drives, USB thumb drives, and other storage media after they’re removed from devices. The FBI affixes asset tags to the computers themselves but not the storage devices.
In some cases, inspectors found that FBI staff at the storage facility had received computers and servers lacking their internal storage devices and neglected to question why these were removed or what had happened to them. The OIG identified several non-functioning surveillance cameras at the storage facility, further increasing the risk of compromised data.
The FBI responded to the OIG audit report by agreeing with the identified weaknesses. The agency is revising its protocols for dealing with electronic storage media and making facility improvements to better secure and track the devices.
Among those improvements, the FBI storage facility has installed steel cages to store pallets and boxes of storage media. The agency is also upgrading surveillance cameras throughout the facility to ensure coverage of the cages and other sensitive areas.
